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(54) Computer security system 

(57) Several embodiments of computer security 
systems are described and which are adapted to grant 
an authorized individual access to a secured domain; 
such as a computer or data stream. In one embodiment, 
the security system comprises: an analyzing means for 
receiving first arid second passwords, each of said 
passwords being transmitted over a first communication 
channel, analyzing said first password, transmitting a 
first signal output only if said first password is author- 



(74) Representative: Matschnig, Franz, Qipl.-tng. 
Siebensterngasse 54 
1070 Wien (AT) . 

Remarks: • 



A request for correction (exchanging the contents of 
figure 1 with figure 2 and vice versa) has been filed 
pursuant to Rule 68 .EPC. A .decision on the . request 
will be taken during the proceedings before ihe 
Examining Division (Guidelines for Examination in 
. the EPO, A-V, 3.). 



ized : and granting access to said secured domain only 
if said second password is. substantially identical to a 
code; and a random code generating means for gener- 
ating said code, transmitting said code over a second 
communication channel upon receipt. of first signal out- 
put, and transmitting said code to said analyzing means; 
and a notification means for receiving said code and for 
notifying said authorized individual of the identity of said ; 
code. ' . 
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Description 

1. Field of the Invention 

The present invention relates to a security and/or 
access restriction system and, in one embodiment, to a 
security and/or access restriction system which is 
adapted to grant only authorized users access to a com- 
' puter system and/or to certain data which may be resi- 
dent within the computer system and/or resident within 
a communications channel . and/or other communica- 
tions medium: ■ 

2. Background of the Invention 

In recent years, computers have proliferated in all 
parts of worldwide society, including but not limited to, 
banking, financial services, business, education, and 
various governmental entities. For instance and without 
limitation, these computer systems allow individuals to 
consummate financial transactions, to exchange confir 
dential scientific and/or medical data, and to exchange 
highly proprietary business planning data. Hence, these 
computer systems require and/or allow very sensitive 
and confidential data to be stored and transmitted over 
great geographic distances. 

Moreover, the rise of multinational communications 

. networks, such as the publicly available internet com- 
munications system; has truly made the world a smaller 
place by allowing these computers, separated by great 
geographic distances, to very easily communicate and 
exchange data. In essence, these worldwide communi- 
cations channels/networks, sometimes collectively re- 
ferred to as "the Information Superhighway" have elec- 
tronically, connected the peoples of the world .- both the 
good and the very bad. 

That is, while these computer systems have in- 
creased efficiency and greatly changed the manner in 
which we work and interact, they have been especially 
prone to unauthorized "break-ins", viral destruction, 
and/or unauthorized data modifications. Accordingly, 
the rather sensitive and conf idential data which is stored 
and used within these computer systems and transmit- 
ted between these. computer systems has been the tar- 
get of attack by people known as "hackers" and by high 

. level and very sophisticated espionage and industrial 
spies. Computer access security and data transmission 
security has recently come to the forefront of importance 
and represents one of the great needs of pur times. . 

Many attempts have been made to create and uti- 
lize various techniques (hereinafter the term "technique" 
as used and/or. employed in this Application refers to any 
combination of software, hardware, and/or firmware 

. which . comprise an. apparatus . and a methodology 

. whose components cooperatively achieve an overall se- . 
curity objective) to "ensure" that only authorized users . 

: are allowed to gain access to these respective computer 
systems. These prior techniques, while somewhat ef- 



fective, suffer from vario*~ drawbacks. 

For example, one such prior computer system se- 
curity technique comprises the use of predetermined . 
"passwords". That is, according to this security tech- 
s nique, each computer system has a list of authorized 
passwords which must be communicated to it before ac- 
cess is given or allowed. In theory, one or more "trusted" 
system administrators distribute these "secret" pass- 
words to a group of authorized users of a computer sys- 
J0 tern. The "secret" nature of the passwords, in theory, 
prevents unauthorized users from accessing the com- 
puter system (since presumably these unauthorized us- 
ers do not have the correct passwords); This technique 
is not very effective since oftentimes those authorized 
*5 individuals mistakenly and unwittingly expose their 
password to an unauthorized user Moreoverjhis tech- 
nique of data security may be easily "broken" by a "hack-. . 
er's" deliberate and concentrated attempt at automati- 
cally inputting ; -to* the targeted computer, hundreds and 
20 perhaps thousands of passwords until an authorized 

password is created. 
: . in addition to the prior password technique other, 
more sophisticated access, techniques are known and 
used. For example, there, are known techniques which 
25 require the possession of a physical object or feature, 
. such as "access cards" which are "read" by a card read- 
ing-device and biometric authentication techniques (e. 
g. requiring the initial input of such authorized user phys- 
ical characteristics.as fingerprints and eye patterns and 
30 the later comparison of these input patterns to those of 
a "would-be" user). Both of . these prior techniques are 
relatively complicated, are relatively costly, and are 
prone to error, such as and without limitation, mistaken 
unauthorized entry due to their complexity. These tech- 
35 -- niques are also prone to unauthorized entry by use of 
. counterfeit and/or stolen cards, objects, and fingerprint 
readers. Other prior data security techniques, such as 
encryption, attempt to prevent unauthorized use of. 
transmitted data or unauthorized access to a computer 
40 system by modifying and/or changing the transmitted 
data in a certain manner, and/or requiring the transmis- . 
sibn and receipt of modified data before access is grant- 
ed. While somewhat effective, these prior encryption 
techniques are relatively costly and complicated and re- 
45 quire one or more known "encryption keys", which are in 
constant exchange between users and which are them- 
. selves susceptible to theft and/or inadvertent disclov 
sure. Furthermore, the best -known and perhaps strong- 
est encryption algorithm is. proprietary and cannot be 
so used .without a costly license. Moreover, since the en--" 
crypted message still provides all of the transmitted da- 
ta, in some form, it is still possible for one to gain access 
to the entire data stream by "breaking the encryption 
. code". Since no encryption algorithm. is ever considered. 
ss "unbreakable", encryption is not considered to be a 
"foolproof' security solution; 

. There is therefore a need to provide a technique to 
. substantially prevent the unauthorized access to one or 
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more computer systems and which o\ omes the var- 
ious drawbacks of these afore-described prior tech- 
niques. There is. also a need to provide a technique to 
. substantially prevent the unauthorized interception and 
use of transmitted data and which overcomes the vari- 
ous drawbacks of the prior art. Applicant's inventbn(s) 
seek and do meet these needs. Applicant's invention, in 
one embodiment, achieves these objectives by splitting 
the data into a plurality of separate communication 
channels, each of which must be "broken" for the entire 
data stream to be obtained. In essence, in this embod- 
iment of Applicant's invention, cooperatively form the 
entire message, The splitting of the data in this manner 
may also 'tool" the;would be data thief into believing that 
he or she has obtained all of the data when, in fact : only 
several communication channels are obtained. .. 

SUMMARY OF THE INVENTION 

While a number of 'objects of the .invention" are set . 
forth below it should be realized by one of ordinary skill 
in the art that the invention(s) are not to be limited, in 
any manner, by these recited objects. Rather, the recited 
"objects of the invention* are to be. used to. place Appli- 
cant's various inventions in. proper overall perspective 
and to enable the reader to better understand the man-, 
ner in which Applicant's inventions are to be made and 
used, especially in the preferred embodiment of Appli- 
cant's invention. Accordingiy/ih'e various "objects of the 
invention* are set forth below: 

It is a first object of the present invention to provide 

. a technique to substantially ensure that only authorized : 
users gain access to a computer system. 

It is a second object 61 the; invention to provide a 
technique to substantially ensure that only authorized 
users gain access to a computer system and which 
overcomes the various previously delineated draw- 

. backs of the prior computer system security techniques. 
. It is a Jhird object of the invention to provide a tech- 
nique to. substantially ensure that only authorized. users 
have access and use of certain transmitted data appear- 

: ing, for example, within a data stream. 

It is a fourth object of the invention to provide a tech- 
nique to substantially ensure that only authorized users 
have access and use of certain transmitted data and/or 
certain hardware, software, and/or firmware which co-- 
operatively form and/or comprise a computer system, 
and that this technique overcomes the various previous-, 
ly delineated drawbacks of the prior techniques. 

According to a first aspect of the. present invention, 

.-. a security system is provided. Particularly, the security ■ 
system is adapted to be used in combination with a com-., 
puter and to only grant an authorized individual access 
to the computer; The security system comprises, in one 
. embodiment, password means for receiving a password 
by use of a first communications channel; and code gen- 
eration means, coupled. to said password means, for 
.generating a code by use of a second communications 



channel, and to allow tha* .. dividual access to the com- 
. puter system only if that individual generates and com- 
municates the code to the code generation means. 
According to a third aspect of the present invention, 
5 a method is provided for use with a computer and effec- 
tive to substantially prevent an unauthorized user from . 
. accessing the computer. The method comprises, in one 
embodiment, the. steps of assigning a password to the • 
.iuser; receiving the password by use of a first communi- . 
io cations channel; generating a code in response to the 
received password; . transmitting the code by use of a 
second communications channel to the user; transmit- . 
ling the code to the computer; and allowing access to 
. the computer only after the code is transmitted to the . 
.15-. computer. 

According to. a fourth aspect of the present inven- 
tion, a security system is provided to grant an authorized 
individual. access to a. secured stream of data bits. In 
. . . one embodiment, the data.security system comprises a 
20 data stream dividing means for receiving said stream oi . ■ 
data bits.and dividing said stream of data bits into a plu- - 
raiity of sub-streams; transmitting means for transmit- 
ting said sub-streams in a predetermined order over a 
communication channe]: -and a decoding means for re- 
2$ ceiving said sub-streams and for recombining said re- 
ceived sub-streams to create said secured stream of da- 
■ ta bits. .' 

Further objects,, features, and advantages of the 
present, invention will become. apparent from a consid- 
30 eration of the following description, the appended 
claims : and/or the appended drawings. It should further . 
be realised by one of . ordinary skill in the art that the 
: ' previously delineated objects and aspects of the inven- 
tion are for illustration -purposes only and are not to be. 
35 construed so as to limit the generality of.lhe inventions 
and/or, to limit the interpretation to be given to the vari- 
ous appended claims. Moreover/ it should also be real- 
ized by those^ of ordinary skill in the. art that the term 
"communications channel" as used throughout this Ap- 
to plication refers to any physical and/or electromagnetic 
means or method of transferring and/or communicating 
information from one or. more sources to one or more 
receivers. Moreover, the term "communications chan- 
neP should be. given the broadest known interpretation 
4$ covering any method and/or medium which facilitates 
the transfer of information and/or over which such infor- 
mation is transferred. 

.*. BRIEF DESCRIPTION OF THE DRAWINGS 

so ■ . .. ' 

For a fuller and more complete understanding of the 

nature and objects of the present invention, reference 

should be had to the following drawings wherein: 

55 .' FIG. 1 is a block diagram of a computer security sys- . 
tern made In accordance with the teachings of the 
preferred embodiment having the preferred security 
techniques of the invention; 
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FIG. 2 is a block diagram of anothe. ombodiment of 
a computer, security system made in accordance 
with the teachings of the preferred embodiment 
having the preferred techniques of the invention; 
FIG. 3 is a block diagram of yet another embodi- 
ment of a security system made in accordance with 
the teachings of the preferred embodiment having 
the preterred techniques of the invention; 
FIG. 4 is a block diagramof another embodiment of 
a computer security system made in accordance 
with the. teachings of ..the preferred embodiment 
having the' preferred techniques of the invention; 
FIG. 5 is a schematic diagram of. a password table 
used by the computer security systems shown in 
Figures 1 and 2: and 

FIG. 6 is a block diagram of one embodiment of the 
. preferred embodiment of the invention. 

DETAILED DESCRIPTION OF THE INVENTION 

Referring now to Figure 1, there is shown a. block 
diagram of a computer security system 10, made in ac- 
cordance with the principles of the preferred embodi- 
ment of the invention and adapted for use in combina- 
tion with computer 80. More particularly., computer se- 
curity system 1 0 selectively allows communication and/ 
or data processing access to computer 80 in a manner 
which is technically described throughout the remainder 
of this Application. As shown, security system 10 in- 
cludes an "analyzing .means' 12 and a "randorn.code 
generating means" 14. 

In one embodiment of the preferred embodiment of 
the invention, analyzing means 12 comprises. one or 
more software subroutines which are adapted to exe- 
cute upon and/or within computer 80. Alternatively., an- 
alyzing means 12 may comprise a microprocessor and/ 
or similar type of computer which is adapted to operate 
under stored program control in the manner set forth in 
this Application. One example of another type of com- 
puter operating under stored program control and which 
. may be used by the preferred embodiment of the inven- 
:■ tion is shown and described within chapter eight of the 
text entitled Advanced Computer Arc hitecture: Parallel- 
ism Scalability. Proqrammability , which was authored by 
Kai Hwang, which is published, by McGraw-Hill, Inc., 
which has a library reference number of ISBN 
0-07-031 622 : 8, and the entire text of all of the chapters 
of which are fully and completely, incorporated herein by 
reference/ word for word and paragraph for paragraph. 
. In either embodiment; analyzing means 1 2 receives and 
compares at least two 'sets" or streams of data. Should 
the individually received "sets: match, analyzing means 
12 generates arid communicates an 'access granted" 
command to computer 80, allowing individual 18 access 
to the computer 80 Moreover,, random code generating 
means 1 4 may similarly comprise a conventional pseu- 
do-random number generator which may be construct- 
ed or developed on one or more software subroutines 



which reside and operate/ execute upon and/or within 
computer 80 or may comprise a microprocessor and/or 
similar type of computer which operates under stored 
program control. 
5 In operation, individual 18, desiring access to and 
within computer 80 utilizes a first communication chan-. 
net 82 (e.g. a first telephone line, radio channel, and/or 
satellite channel ) and communicates; by use. of his or 
her voice or by use of a computer i 9 a first password to 
to analyzing means 1 2. Analyzing means 12 then checks 
and/or compares, this first received, password with a . 
. master password list which contains all ot the authorized 
passwords associated with authorized entry and/qr ac- 
cess to computer 80. 
J5. As shown in Figure 5, in the preferred embodiment 
. of the invention, analyzing means 12,contains a rnaster 
password list 200 having a first column of entries corre- 
sponding to authorized passwords necessary to gain 
access to computer 80. Moreover, as f urther, shown in 
'20 Figure 5 ; each authorized password 202/ contained in 
this master password list 200, has a unique first entry 
■ 204 associated with it and which identifies the name of 
the authorized user who has been assigned that corre- 
sponding password and at least one telephone number 
25. 206 and/or. network address associated with the. identi- 
tied user. 

If the received password matches an entry of the 
master password list, analyzing means 1 2 generates a 
command, by means of connecting bus 17. or software 

30 message or function, call to random code generating 
means 14 and causes the random code generation 
means 14 to generate a substantially random and/or 
pseudo-random number or code, of programmable 
.. length, and to transmit the number and/or code, by : 

35 means of a second communications channel 84, to the 
individual 85 associated with the received password 202 
in the master password list. That is. as shoulcl b.e appar- 
ent to one of ordinary skill in the art, code generation , 
means 14 includes both a random number generator 

40 and a conventional and commercially available commu- 
nications interface (e.g. modem arid/or telephone/pager 
interface), allowing the; generated pseudo-random code, 
to be generated or communicated over a wide variety of 

. mediums.: ... 
45 . . Further, it should be.apparent that individual 85 may 

or may not be the same person as individual 18 . If in- 
dividual 18 was the individual identified in the master 
password list (e.g. "was authorized"), that individual 1 8 
receives the pseudo-random number and transmits the 
so number to the analyzing means 12, by means of com- 
munications channel 82;- Once the pseudo-random 
number is received by the analyzing means 12. from 
channel 82. it is compared with the number generated 
by generation means 14- If the two codes are substanr 
. £5 tialry the same; entry to computer 80 and/or to a certain 
• part of computer 80 such as, without limitation, the hard- 
ware, software,.and/or firmware portions ol computer 80 
is granted to individual 18. For instance, in another em- 
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bodiment. table 200 of Figure S.could cut itain yet anoth- 
er set of entries specifying the directories or portions ol 
computer 80 that the individual 18 was allowed to have 
access to. In this manner allowed access to computer 
80* would be further restricted to those computer por- 
tions which are specified within table 200. It should be 
apparent. to one of ordinary skill in the art that these por : 
tioris may be different tor different users and that each 
authorized user may have a d iff e rent, port ion that may', 
be accessed in ah authorized manner. 

It should be apparent to one of ordinary skill in the 
art that Applicant's foregoing computer security tech- 
nique is a relatively low-cost, but effective technique, for 
properly ensuring that only authorized users gain ac- 
cess to. a computer system, such as computer system 
80. That is : Applicant's foregoing computer security em-, 
bodiment utilizes two distinct communications. chan- 
nels and a random number generator in order to ensure , 
that an authorized user of a computer system is notified 
that someone- or something is seeking access to the 
computer system with his or her password, Moreover, 
Applicant's foregoing invention is very cost effective as 
it employs substantially "off the shelf and. readily avail- 
able components. .Further, the use of a "secret" pass- 
word., a "secret" substantially random number, and a 
•secret" second channel allows for multiple levels of se- 
curity before access to the computer system is achieved 
and provides enhanced security over the prior art. 

Referring now to Figure 6 there is shown a compu- 
ter system 400. made in accordance with the teachings 
of the preferred embodiment of the invention and repre- 
senting one example and/pr implementation which is. 
made in accordance with the various teachings of the 
preferred embodiment of the invention As shown, com- 
puter system.400 includes a host computer 402 (corre- 
sponding to computer 80 of the system shown in Figure 
1 ) to which a useror other individual 404 (corresponding 
'tdindrviduaneof Figure 1) desires access to. As further 
shown in Figure 6. As shown, individual 404,.in this im- 
. plementation example, utilizes a commercially available 
and conventional compute; 406 and a commercially 
available and conventional modem 408 to communicate 
with a commercially available and conventional modem 
, .410 by means of a typical communications channel (e. 
g. a conventionardial-up" telephone line) 412. Hence, 
the user 404, in this embodiment, only requires conven- 
tional computer equipment. Host computer 402, in this 
embodiment, requires a . conventional and commercially 
available automatic dialer which is altered, in a known 
manner, to receive and pass one or more passwords, 
and/or codes as data, 
v In operation, user 404 dials through and/or by 
means of his or her computer 406 and modem 408 in 
the usual and conventional manner to connect. and ac- 
cess host computer 402.The host computer 402, using 
the principles of the preferred embodiment of this inven- 
tion/answers the requester's call,- which occurs. over 
channel 4 1 2, and requests and receives the user 1 s iden- 



tification code, host corripuier 402 checks the received 
identification code and cross references the received 
password code against a pager phone number list res- 
ident within the user table 414 which is stored within 

s computer 402. This comparison, is a match is made, 
causes the "code generator" software subroutine 415, 
resident within computer 402, to generate a pseudo-ran- 
dom number code and passes the received code along 
. with the authorized user's pager number to the commer- 

io dally available and conventional automatic dialer 418. 
The automatic dialer 41 8. telephones the conventional 
and commercially available pager 420 bymeans of con- 
ventional and commercially available communication . 
channel 422 (e.g. voice line) and transmits the code to 

75 the user's pager As this, happens, the host computer 
402 awaits the . reply from the user attempting to gain 
. access to the computer 

The. user 404 now enters the code he or she has 
received from the pager 420 and any timing instructions 

20 which, in yet another embodiment of the invention may 
also be transmitted from.cpmputer 402, and sends this 
password or pseudo-random code back to. computer , 
402 whereat is compared within the software subroutine 
. module denoted as "code compare" 416 in Figure 6. It 

is the comparison yields a match, theuser 404 is allowed 
access to computer 402 arid/or to a portion of computer 

: 402. ■ . . ' ' ' : - ■/ ' : 

Referring now to Figure 2, there is shown a second 
embodiment of a computer security system made in ac- 
30 cordance with the teachings of the preferred embodi- 
ment of the invention.; This, second embodiment 20 is 
substantially similar to system 1 0 but alsoincludes a tim- 
er or Timing means" 40 which may, comprise one or 
more software subroutines which are adapted to oper- 
as . ate and/or execute within and/or upon computer 80 or 
; may comprise a microprocessor which operates under 
. stored program control, in one embodiment, timing 
. ' means 40 comprises a conventional ."watchdog timer" 

as will be apparent to those of ordinary skill in the art. 
40 . In operation, timing means 40 records the time at 
which, the first and second passwords are received by. 
. analyzing means 12. Timing means 40, in one embodi- 
ment which is coupled to analyzing means 12andcode 
generation means 1 4 by bus 42 and in another embod- 
is iment which is in.software communication with means 
1 2 and 1 4, then compares the times to determine wheth- 
er the second password was received within a prede- 
termined period or predetermined "window" of time after 

■ the first password was received. In the preferred em- 
sq bodiment of the invention, the predetermined period of 
time is programmable." The predetermined period of 
time, will typically need to vary according to the nature 
or the communications medium used by means 14 to 
notify individual 85 of the value of the generated code. 
ss For example, the predetermined period of . time would 
be shorter when communications channel 84 comprises 
a pager or cellular phone, since the owner has immedi- 
ate access to the code upon transmission; and longer 
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when communications channel 84 comprises a voice- 
mail system which the owner has to affirmatively access 
to receive the code/!! the second password was not re- 
ceived within the predeterminedperiod of time, analyz- 
ing means 12 denies entry to the secured domain (e.g. 
computer 80). 11 the second password was received 
within the predetermined period of time, ' analyzing 
means 1 2 compares it to the code which was previously 
generated, if the second password is not substantially 
identical to the previously generated code, analyzing 
means 12 denies individual 18 entry to the secured do- 
main (e.g. computer 80): If the received password is 
substantially identical to the code, analyzing means 12 
grants individual 18 entry into the secured domain. As 
will be readily apparent to those of ordinary skill in the 
art, timing means 40 provides yet a third level of security 
to computer system BO. Moreover, it should also be. ap- 
parent to one of ordinary skill in the art thai this "predo-. 
termined/time" may be as short or as small as several., 
miili-seconds or micro-seconds. This ts particularly true 
if, in yet another embodiment of Applicant's invention, 
the password generated by . communication means 14 
is received by a computerized device which is adapted 
to received the password and to.generate a new pass- 
word code in a substantially automatic manner. . 

Referring now to Figure 3, there is shown a block 
diagram of a third embodiment of a computer security 
system made in accordance with the principles of the 
preferred embodiment of the invention As shown, com- 
puter security system 70.is adapted to receive an input 
data stream 72, comprising in a first embodiments plu- 
rality of digital data bits' 73,. which are to be securely 
transmitted to; a distant' site. System 70, as further 
shown, includes a data stream dividing means 74 which 
in one embodiment comprises a commercially available . 
one input and two channel output time division or statis- 
tical multiplexor which samples the bits of received data 
and plates, in a certain predetermined manner (e:g: al- 
ternately) some of the received data bits onto the first 
communications channe! 76 and some of the received 
data bits onto the second communications channel 78. ; 
In this manner, one attempting to wrongfully intercept 
•and/or access the data stream 72 would need access 
to; both communications channels 76, 78 and would 
need to . know the dividing algorithm that dividing means 
74 utilizes to divide the received data for placement onto 
channels. 76,78. Applicant's third embodiment therefore 
provides a very high level of data transmission security. 

As. further shown in Figure 3, in this third embodi- 
ment of the invention, security system 70 further in- 
. eludes a decoding means 88 which may comprise a 
commercially available microprocessor operating under 
stored algorithmic program control and which contains 
"mirror image* of the algorithm used to divide the data 
stream transmitted to it by means 74. In this manner, the 
data from each of the channels 76,78 is reconstituted 
onto single channel 89; in substantially the exact same 
mapner. that it was received by means 74. In essence, 



this third embodiment of Applicant's invention allows 
and/or provides for the "splitting" of a data stream into 
a plurality. of channels in a predetermined manner and 
the concomitant reconstitution of the daia stream once 
\s the data has traversed the communications medium. 
. Hence, the embodiment in Figure 3 splits the data .. 
stream so that anyone getting access to one of the chan- 
nels 76, 78 canl reconstruct the data stream because 
they're missing half or more of the information. It more 
70 channels are used, each channel carries tar less than 
one-half the information. 

. Referring now to Figure 4. there is shown a fourth 
. -embodiment of a computer security and/or data trans- 
mission system 100 which is made in accordance with 
J5 the teachings ol the preferred embodiment of the inven- 
. . tion As shown, system 100 is adapted to receive a plu- 
rality of data bits 1 03 contained in a first communications 
. channel 102. It.should be noted that the data. contained . 
within this channel 102 is interspersed wi! h a plurality of 
20 "non : data* or filler data bits or "material" 104 according 
to some predetermined and/or randomly varying algo- 
rithm (e.g. every third bit space is filler data) by a micro- 
processor system 106 which is operating under stored 
program control. The filler data. 104 is binary data and. . 
25 cannot be deciphered as "filler" by ah unauthorized user. 
Therefore, even if one were to intercept the transmitted 
data, one could not decipher or decode the data. System 
lOOfurther incIudes a decoder 110 for thedata reception 
and decodes 202 for the algorithm reception which, in 
so one embodiment, comprises a microprocessor acting 
under . stored program control and which is adapted to 
"strip off the "filler" bits and to allow the originally trans- 
mitted data to be reconstituted; In this man ner, data may 
be safely transmitted and received in an authorized 
35 manner. In yet. another embodiment _ of the invention 
. which is shown in Figure 4, the algorithm which controls 
the filler pattern and/or the way thai the filler data is in- , 
terspersed within the rregular" data pattern may be pe- 
riodically changed in a known and predetermined man- 
40 ner. In this embodiment, the filler data is interspersed, 
within the "regular" data according to a varying filler al- 
. gorithm (e.g, every three bits for the first 99 bits and then 
-, every four bits thereafter). I ri this embodiment, decoder 
110 is adapted to "strip" off these filler bits by having 
45 prior knowledge (e.g.. embedded within a computer pro- 
gram resident within and controlling the decoder) of the 
: varying algorithms, which are utilized by system 100. 
Here, in the embodiment shown in Figure. 4. unlike that. 
' shown and described with respect to Figure .3, all the 
so ". data is transmitted on a single channel but is "muddied." 
... /• .In yet another embodiment of the invention, as 
shown in Figure 4, a varying data key is transmitted to 
decoder 110. and/or decoder 202 by microprocessor 
system 106 by use of a second channel 200. Inthisman- 
55 ner, a second chanhelis needed to tell or communicate 
' the manner in which the filler data is interspersed within 
the regular data so that the 'decoder 1 1 0 may "strip off" 
. the. filler. data. In this manner, the filler patterns may be 
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dynamically changed; Hence. Ihis sy~.~m utilizes dual/ 
multi channel media to communicate the cryptic modu- 
lation ot the data with filler. 

It is to be understood that the invention is not limited 
. to the exact. construction or method illustrated and de- 
scribed above, but that various changes and modifica- 
tions may be made without departing from the spirit and 
scope of the invention as defined in the following claims. 

Claims 

1. A security system, for use in combination with a 
computer said security system comprising; . 

An analyzing means for receiving first pass : 
word: for generating a first signal in response 
to said received first password, for receiving a 
first codei for receiving a second code : and for 
; : allowing access to said computer only if saic 
first and said second codes are substantially 
identical and; . 

code generation means for receiving said first 
signal and for generating and communicating 
said first code to said ana lyzi ng means. 

2. A method to restrict access to a certain group of in- 
dividuals to a computer, said method comprising the 
steps of: 

assigning a unique password to each of said 
certain group of individuals; 
assigning a telephone number to each of said 
unique passwords: 
receiving a data stream; 
comparing said data stream to each of satd 
unique passwords identifying one of said 
unique passwords with said data stream; . 
generating and transmitting a first code to said 
telephone number associated with, said one 
identified password; 
receiving a second code; 
comparing said first and said second codes; 
.and . 

allowing access to said computer only is said 
- . . first and said second codes are substantially 
identical 

3. A method to securely transmit data comprising the 
steps of: 

receiving, said data; 

distributing said. received data into a plurality of 
communications channels; ; ' 
. transmitting said distributed data by use of said 
plurality of communication channels; 
receiving said distributed data; 
and reconstituting said data. 



4. A method to securely transmit data having a plural- 
ity of bits, said method comprising the steps of: 

interspersing a plurality of filler data bits into 
s said data in a certain pattern; 

transmitting said data and aid interspersed filler 
data; 

■ . receiving said data and said interspersed filler 
data;. 

to and discarding said interspersed filler data. 

5. A security system adapted to grant an authorized 
individual access to secured domain, comprising:- 

is . an analyzing means for receiving first and sec- 

ond passwords, each of said passwords being 
transmitted over a first communication channel, 
. analyzing said first password, transmitting a 
first signal output only if said first password is 

20 authorized, and granting access to said se- 

. , cured domain only if said second password is 
substantially identical to code; and 
a random code generating means. for generat- 
ing said code, transmitting said code over a 

.25 . second communication channel upon receipt of 

first signal output, and transmitting said code to 
said analyzing means. 

6. The invention according to claim 1 wherein said an- 
30 . alyzing means if further comprises a timing means 

for recording the time that said first password is re- 
ceived and granting access to said secured domain 
only if said second password is received within a 
predetermined period of time. 
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